Noriu/Cyber_Security_Notes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
008926db52
Cyber_Security_Notes/B. 第二阶段/拓扑练习/0903_项目实战 - 基础交换网络设计.md

250 lines
6.7 KiB
Markdown
Raw Normal View History

2024年9月3日 10:55:24
2024-09-03 10:55:22 +08:00
# 项目实战 - 基础交换网络设计
2024年9月2日 18:09:14
2024-09-02 18:09:13 +08:00
2024年9月3日 09:44:37
2024-09-03 09:44:32 +08:00
![image-20240903094302311](https://picgo-noriu.oss-cn-beijing.aliyuncs.com/Images/image-20240903094302311.png)
2024年9月2日 18:09:14
2024-09-02 18:09:13 +08:00
![image-20240902173915624](https://picgo-noriu.oss-cn-beijing.aliyuncs.com/Images/image-20240902173915624.png)
### 一、IP、VLAN、Routing
- **PC**
- **SW1**
```
[SW1]vlan batch 10 20 30
2024年9月3日 09:44:37
2024-09-03 09:44:32 +08:00
[SW1]port-group group-member g0/0/1 g0/0/3 g0/0/4
[SW1-port-group]port link-type access
[SW1-port-group]port default vlan 10
[SW1-port-group]quit
[SW1]int g0/0/2
2024年9月2日 18:09:14
2024-09-02 18:09:13 +08:00
[SW1-GigabitEthernet0/0/2]port link-type trunk
[SW1-GigabitEthernet0/0/2]port trunk allow-pass vlan all
```
- **SW2**
```
[SW2]vlan batch 10 20 30
[SW2]int g0/0/1
[SW2-GigabitEthernet0/0/1]port link-type access
[SW2-GigabitEthernet0/0/1]port default vlan 20
[SW2-GigabitEthernet0/0/1]int g0/0/2
[SW2-GigabitEthernet0/0/2]port link-type trunk
[SW2-GigabitEthernet0/0/2]port trunk allow-pass vlan all
```
- **SW3**
```
[SW3]vlan batch 10 20 30
[SW3]int g0/0/1
[SW3-GigabitEthernet0/0/1]port link-type access
[SW3-GigabitEthernet0/0/1]port default vlan 30
[SW3-GigabitEthernet0/0/1]int g0/0/2
[SW3-GigabitEthernet0/0/2]port link-type trunk
[SW3-GigabitEthernet0/0/2]port trunk allow-pass vlan all
```
2024年9月3日 09:47:26
2024-09-03 09:47:24 +08:00
- **HX - SW5**
2024年9月2日 18:09:14
2024-09-02 18:09:13 +08:00
```
[HX-SW5]vlan batch 10 20 30 50
[HX-SW5]port-group group-member g0/0/1 to g0/0/3
2024年9月3日 09:44:37
2024-09-03 09:44:32 +08:00
[HX-SW5-port-group]port link-type trunk
[HX-SW5-port-group]port trunk allow-pass vlan all
2024年9月2日 18:09:14
2024-09-02 18:09:13 +08:00
[HX-SW5-port-group]quit
[HX-SW5]int g0/0/5
[HX-SW5-GigabitEthernet0/0/5]port link-type access
[HX-SW5-GigabitEthernet0/0/5]port default vlan 50
2024年9月3日 09:44:37
2024-09-03 09:44:32 +08:00
[HX-SW5-GigabitEthernet0/0/5]quit
[HX-SW5]int vlan 50
[HX-SW5-Vlanif50]ip add 192.168.50.251 24
2024年9月2日 18:09:14
2024-09-02 18:09:13 +08:00
```
- **AR3 - DHCP**
```
[AR3-DHCP]int g0/0/1
[AR3-DHCP-GigabitEthernet0/0/1]ip add 192.168.50.1 24
[AR3-DHCP-GigabitEthernet0/0/1]quit
[AR3-DHCP]ip route-static 0.0.0.0 0 192.168.50.251
```
### 二、DHCP
2024年9月3日 10:55:24
2024-09-03 10:55:22 +08:00
#### 1、配置
2024年9月2日 18:09:14
2024-09-02 18:09:13 +08:00
- **AR3 - DHCP**
```
[AR3-DHCP]dhcp enable
[AR3-DHCP]ip pool vlan10
[AR3-DHCP-ip-pool-vlan10]network 192.168.10.0 mask 24
[AR3-DHCP-ip-pool-vlan10]gateway-list 192.168.10.254
[AR3-DHCP-ip-pool-vlan10]dns-list 8.8.8.8
[AR3-DHCP-ip-pool-vlan10]quit
[AR3-DHCP]ip pool vlan20
[AR3-DHCP-ip-pool-vlan20]network 192.168.20.0 mask 24
[AR3-DHCP-ip-pool-vlan20]gateway-list 192.168.20.254
[AR3-DHCP-ip-pool-vlan20]dns-list 8.8.8.8
[AR3-DHCP-ip-pool-vlan20]quit
[AR3-DHCP]ip pool vlan30
[AR3-DHCP-ip-pool-vlan30]network 192.168.30.0 mask 24
[AR3-DHCP-ip-pool-vlan30]gateway-list 192.168.30.254
[AR3-DHCP-ip-pool-vlan30]dns-list 8.8.8.8
[AR3-DHCP-ip-pool-vlan30]quit
[AR3-DHCP]int g0/0/1
[AR3-DHCP-GigabitEthernet0/0/1]dhcp select global
```
- **HX - SW5**
```
[HX-SW5]dhcp enable
2024年9月3日 10:55:24
2024-09-03 10:55:22 +08:00
[HX-SW5]int Vlanif 10
2024年9月2日 18:09:14
2024-09-02 18:09:13 +08:00
[HX-SW5-Vlanif10]ip add 192.168.10.251 24
[HX-SW5-Vlanif10]dhcp select relay
[HX-SW5-Vlanif10]dhcp relay server-ip 192.168.50.1
2024年9月3日 10:55:24
2024-09-03 10:55:22 +08:00
[HX-SW5-Vlanif10]int Vlanif 20
2024年9月2日 18:09:14
2024-09-02 18:09:13 +08:00
[HX-SW5-Vlanif20]ip add 192.168.20.251 24
[HX-SW5-Vlanif20]dhcp select relay
[HX-SW5-Vlanif20]dhcp relay server-ip 192.168.50.1
2024年9月3日 10:55:24
2024-09-03 10:55:22 +08:00
[HX-SW5-Vlanif20]int Vlanif 30
2024年9月2日 18:09:14
2024-09-02 18:09:13 +08:00
[HX-SW5-Vlanif30]ip add 192.168.30.251 24
[HX-SW5-Vlanif30]dhcp select relay
[HX-SW5-Vlanif30]dhcp relay server-ip 192.168.50.1
2024年9月3日 09:44:37
2024-09-03 09:44:32 +08:00
```
2024年9月3日 10:55:24
2024-09-03 10:55:22 +08:00
#### 2、测试
2024年9月3日 09:44:37
2024-09-03 09:44:32 +08:00
- **PC1 *[VALN10]***
```
PC1>ipconfig
Link local IPv6 address...........: fe80::5689:98ff:fed3:1698
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.10.253
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.10.254
Physical address..................: 54-89-98-D3-16-98
DNS server........................: 8.8.8.8
2024年9月2日 18:09:14
2024-09-02 18:09:13 +08:00
```
2024年9月3日 09:44:37
2024-09-03 09:44:32 +08:00
- **PC2 *[VALN20]***
```
PC2>ipconfig
Link local IPv6 address...........: fe80::5689:98ff:fe31:2c88
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.20.253
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.20.254
Physical address..................: 54-89-98-31-2C-88
DNS server........................: 8.8.8.8
```
- **PC3 *[VALN30]***
```
PC3>ipconfig
Link local IPv6 address...........: fe80::5689:98ff:fef9:3881
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.30.253
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.30.254
Physical address..................: 54-89-98-F9-38-81
DNS server........................: 8.8.8.8
2024年9月3日 10:55:24
2024-09-03 10:55:22 +08:00
```
****
### 三、VLAN间通信
> 要实现vlan间通信需修改vlanif的IP地址修改为DHCP分配的网关地址
#### 1、配置
- **HX - SW5**
```
[HX-SW5]int Vlanif 10
[HX-SW5-Vlanif10]ip add 192.168.10.254 24
[HX-SW5-Vlanif10]int Vlanif 20
[HX-SW5-Vlanif20]ip add 192.168.20.254 24
[HX-SW5-Vlanif20]int Vlanif 30
[HX-SW5-Vlanif30]ip add 192.168.30.254 24
```
#### 2、测试
- **PC1 PING PC2**
```
PC1>ping 192.168.20.253
Ping 192.168.20.253: 32 data bytes, Press Ctrl_C to break
From 192.168.20.253: bytes=32 seq=1 ttl=127 time=109 ms
From 192.168.20.253: bytes=32 seq=2 ttl=127 time=78 ms
From 192.168.20.253: bytes=32 seq=3 ttl=127 time=79 ms
From 192.168.20.253: bytes=32 seq=4 ttl=127 time=78 ms
From 192.168.20.253: bytes=32 seq=5 ttl=127 time=78 ms
--- 192.168.20.253 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 78/84/109 ms
```
- **PC1 PING PC3**
```
PC1>ping 192.168.30.253
Ping 192.168.30.253: 32 data bytes, Press Ctrl_C to break
From 192.168.30.253: bytes=32 seq=1 ttl=127 time=94 ms
From 192.168.30.253: bytes=32 seq=2 ttl=127 time=78 ms
From 192.168.30.253: bytes=32 seq=3 ttl=127 time=79 ms
From 192.168.30.253: bytes=32 seq=4 ttl=127 time=93 ms
From 192.168.30.253: bytes=32 seq=5 ttl=127 time=94 ms
--- 192.168.30.253 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 78/87/94 ms
```
- **PC2 PING PC3**
```
PC2>ping 192.168.30.253
Ping 192.168.30.253: 32 data bytes, Press Ctrl_C to break
From 192.168.30.253: bytes=32 seq=1 ttl=127 time=94 ms
From 192.168.30.253: bytes=32 seq=2 ttl=127 time=78 ms
From 192.168.30.253: bytes=32 seq=3 ttl=127 time=94 ms
From 192.168.30.253: bytes=32 seq=4 ttl=127 time=78 ms
From 192.168.30.253: bytes=32 seq=5 ttl=127 time=78 ms
--- 192.168.30.253 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 78/84/94 ms
```
Reference in New Issue Copy Permalink